Oil and gas giant Royal Dutch Shell (Shell) is the latest company to have confirmed impact from the December 2020 cyber-attack on Accellion’s File Transfer Appliance (FTA) file sharing service.
A legacy service designed to allow for the sharing of large files, Accellion’s FTA service fell victim to a cyber-attack in December 2020, when hackers exploited zero-day vulnerabilities to gain access to customer data.
The soon-to-be-retired service had roughly 300 customers at the time, with up to 25 of them suffering significant data compromise following the incident.
Some of those to have already confirmed impact include U.S.-based grocery and pharmacy chain Kroger, law firm Jones Day, information security and compliance solutions provider Qualys, Australian health and transport agencies, the Office of the Washington State Auditor (SAO), the Reserve Bank of New Zealand, and jet maker Bombardier.
In a data breach notification last week, Shell confirmed that it too was affected by the security incident.
Shell says that it worked with Accellion to immediately address the security holes, while also launching an investigation into the incident. To date, the investigation hasn’t revealed impact on Shell’s core IT systems – the FTA service is isolated from Shell’s infrastructu ..
Support the originator by clicking the read the rest link below.
